[ https://issues.apache.org/jira/browse/KUDU-3316?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17484578#comment-17484578 ]

ASF subversion and git services commented on KUDU-3316:
-------------------------------------------------------
Commit feaccee2b82ebd47d8244a1fdf346c1394c8ae91 in kudu's branch
refs/heads/master from Attila Bukor
[ https://gitbox.apache.org/repos/asf?p=kudu.git;h=feaccee ]

[security] KUDU-3316 Add encrypted file keys

The previous patches in the data at rest encryption saga add the ability
to encrypt data at rest, but files were encrypted using the same hard-coded
key.

This patch adds an extra header to encrypted files to store the
encryption algorithm used and the encrypted file key. For now, the file
keys are encrypted with the same dummy encryption key which was
previously used to encrypt the files.

The header is a bit different from the one described in the design doc:
The encryption algorithm and key length were changed to be stored in
1 byte instead of 2 for easier handling and the magic string is
"kuduenc" instead of "kuduen".

This patch also introduces a new flag which is hidden for now:
--encryption_key_length. This can be set to any valid AES key length as
per its specification (128, 192, or 256 bits), as only AES encryption is
supported for now, and there are no plans to support anything else in
the foreseeable future.

As we add a 64-byte header to encrypted files, some changes had to be
made to code that handles files and relies on sizes and offsets,
including in tests. One of these changes is in the LogBlockManager,
which expects blocks to be aligned to file system block boundaries,
which is necessary for hole punching. With encryption enabled, extra
steps are necessary to align the first block, and aligning blocks makes
it impractical to hide encryption header size within Env and use
logical file sizes outside of it.

This commit also changes the PBC tool to check if a file is encrypted
based on the encryption header instead of the file name.

I ran the full test suite manually locally and on dist-test with
encryption enabled to make sure turning on encryption doesn't break
anything:
http://dist-test.cloudera.org/job?job_id=abukor.1643215963.60435

To make running dist-test with encryption enabled possible, this commit
also adds forwarding the KUDU_ENCRYPT_DATA_IN_TESTS environment variable
to dist_test.py.

Change-Id: Idb1282c117271fda63a8cc54c00add7cc96dcffd
Reviewed-on: http://gerrit.cloudera.org:8080/18025
Reviewed-by: Alexey Serbin <[email protected]>
Tested-by: Kudu Jenkins
Reviewed-by: Andrew Wong <[email protected]>

> Store encrypted encryption keys in encrypted files
> --------------------------------------------------
>
> Key: KUDU-3316
> URL: https://issues.apache.org/jira/browse/KUDU-3316
> Project: Kudu
> Issue Type: Sub-task
> Reporter: Attila Bukor
> Assignee: Attila Bukor
> Priority: Major
>